Job Description
As an Information Security Officer specializing in Governance, Risk, and Compliance (GRC) and Awareness, your primary responsibility will be to ensure the effective implementation and continuous adherence to policies and procedures. It will be crucial to maintain and enhance GRC programs to align with legal, regulatory, and contractual requirements. You will need to regularly assess and improve information security controls to address evolving business and threat landscapes. Leading information security training and awareness programs to bolster organizational security culture will also be a key aspect of your role. Collaborating with IT and other departments to integrate security measures into all business processes will be essential. Additionally, you will coordinate asset management, Business Impact Assessments, and risk assessments to identify vulnerabilities and update mitigation strategies as needed. Providing up-to-date security reports to the Chief Information Security Officer (CISO) and other stakeholders, as well as conducting third-party risk assessments, will be part of your duties.

Your tasks will include reviewing and updating security policies and procedures to ensure their accuracy and ease of understanding. Focusing on refining the GRC framework for operational efficiency and compliance with current standards will also be crucial. Planning, coordinating, and following up on risk activities to mitigate identified risks efficiently will be part of your responsibilities. Developing and delivering engaging security training sessions and phishing simulations tailored to current security challenges will help strengthen the organization's security posture. Working as a liaison for integrating security practices across departmental operations will be essential. Compiling and communicating security performance, status reports, and updates effectively to relevant stakeholders will be a key task. You will also be responsible for planning, coordinating, and following up on the management and implementation of security projects to ensure alignment with organizational security goals.

To qualify for this role, you should have a Bachelor's degree or higher in Information Security, Computer Science, or a related field. A minimum of 5 years of experience in information security management or cyber risk governance is required. Possessing relevant security certifications such as CISSP, CRISC, etc., will be advantageous. Strong project leadership and communication skills are essential. Proficiency in English, both written and verbal, is a must. Experience working with security frameworks and standards like CIS18, ISO27001, as well as developing and conducting security training and awareness programs, will be beneficial.

Joining our team will offer you a forefront role in cybersecurity within the chemical industry, a dynamic and inclusive work environment that highlights work-life balance, and opportunities for professional growth in a supportive and collaborative team setting. If you are passionate about security and eager to contribute to a high-performing team, we welcome you to apply by submitting your CV and cover letter in English through our recruitment system. We encourage applicants from all backgrounds to join our diverse team and be a part of shaping a brighter future with sustainable coating solutions at Hempel. Your application is due by 2025-06-14.